The use of electronic messages, such as e-mail, allows users anywhere in the world to communicate with each other. In recent years, Internet users have been subjected to a torrent of unwanted e-mail messages. These unwanted messages generally take two forms: 1) messages originated by “spammers” to send advertising or solicitation, or as part of a confidence scheme, and 2) messages sent automatically by worms and other malicious software (malware) attempting to infect additional systems. In both cases, a large proportion of the messages attempt to disguise their true source to frustrate attempts to shut down the spammer, to disguise the identity of the infected system sending the message, or to support a social-engineering goal.
In an effort to reduce or eliminate the transmission of unwanted e-mail messages, various approaches have been proposed to verify the identity of the return address of an e-mail. However, current return address verification approaches suffer from various drawbacks that affect their implementation and usability. One approach is a path-based approach for attempting to verify the identity of the sender by verifying the Internet Protocol (IP) address of the message source. An e-mail recipient performs a Domain Name System (DNS) query to determine what addresses are used for outgoing mail servers of the domain as listed by the sender (e.g., for the e-mail address joesmith@example.com, example.com is the domain). If the message source is not from an outgoing mail server of the domain, it is determined that the identity of the return address is forged.
However, the path-based approach provides an incomplete solution to identity verification of an e-mail. For example, an authorized third party may send e-mail messages on behalf of a business. The third party may be authorized to send emails as an agent of the business, but not from the business' internal network. Businesses do not want to authorize third parties to send emails from their network, so as to not expose their network to the third parties. Furthermore, professional organizations, alumni associations, and other affinity domains may provide e-mail addresses to users. In both of these cases, a recipient may receive an e-mail supposedly coming from one domain, but the path indicates the e-mail actually came from another domain. The path-based approach would not be able to verify the sender of the e-mail in these cases. Moreover, path-based schemes can only identify a sender down to the domain level, not to the individual senders. In general, path-based identification schemes break some of the common ways e-mail is used, and are not always effective in filtering unwanted e-mail messages.
Signature-based identification schemes are also used to verify the sender of an e-mail. Pretty Good Privacy (PGP) and Secure Multipurpose Internet Mail Extensions (S/MIME) are examples of signature-based identification schemes. In general, signature-based schemes verify a message signature embedded in the message. If there is a modification to the signed content, the verification may fail. Some modifications to the signed content may be permissible, however. Therefore, signature-based approaches may result in authentic messages failing authentication.